CVE-2013-1285 Information

Description

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3 Windows Server 2003 SP2 Windows Vista SP2 Windows Server 2008 SP2 R2 and R2 SP1 Windows 7 Gold and SP1 Windows 8 and Windows Server 2012 do not properly handle objects in memory which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device aka \Windows USB Descriptor Vulnerability\ a different vulnerability than CVE-2013-1286 and CVE-2013-1287.

Reference

http://www.us-cert.gov/ncas/alerts/TA13-071A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-027 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A16441